use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.
the class U2fRegistrationWS method finishRegistration.
@POST
@Produces({ "application/json" })
public Response finishRegistration(@FormParam("username") String userName, @FormParam("tokenResponse") String registerResponseString) {
String sessionState = null;
try {
log.debug("Finishing registration for username '{}' with response '{}'", userName, registerResponseString);
RegisterResponse registerResponse = ServerUtil.jsonMapperWithWrapRoot().readValue(registerResponseString, RegisterResponse.class);
String requestId = registerResponse.getRequestId();
RegisterRequestMessageLdap registerRequestMessageLdap = u2fRegistrationService.getRegisterRequestMessageByRequestId(requestId);
if (registerRequestMessageLdap == null) {
throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(errorResponseFactory.getJsonErrorResponse(U2fErrorResponseType.SESSION_EXPIRED)).build());
}
u2fRegistrationService.removeRegisterRequestMessage(registerRequestMessageLdap);
String foundUserInum = registerRequestMessageLdap.getUserInum();
RegisterRequestMessage registerRequestMessage = registerRequestMessageLdap.getRegisterRequestMessage();
DeviceRegistrationResult deviceRegistrationResult = u2fRegistrationService.finishRegistration(registerRequestMessage, registerResponse, foundUserInum);
// If sessionState is not empty update session
sessionState = registerRequestMessageLdap.getSessionState();
if (StringHelper.isNotEmpty(sessionState)) {
log.debug("There is session state. Setting session state attributes");
boolean oneStep = StringHelper.isEmpty(foundUserInum);
userSessionStateService.updateUserSessionStateOnFinishRequest(sessionState, foundUserInum, deviceRegistrationResult, true, oneStep);
}
RegisterStatus registerStatus = new RegisterStatus(Constants.RESULT_SUCCESS, requestId);
// Convert manually to avoid possible conflict between resteasy providers, e.g. jettison, jackson
final String entity = ServerUtil.asJson(registerStatus);
return Response.status(Response.Status.OK).entity(entity).cacheControl(ServerUtil.cacheControl(true)).build();
} catch (Exception ex) {
log.error("Exception happened", ex);
try {
// If sessionState is not empty update session
if (StringHelper.isNotEmpty(sessionState)) {
log.debug("There is session state. Setting session state status to 'declined'");
userSessionStateService.updateUserSessionStateOnError(sessionState);
}
} catch (Exception ex2) {
log.error("Failed to update session state status", ex2);
}
if (ex instanceof WebApplicationException) {
throw (WebApplicationException) ex;
}
if (ex instanceof BadInputException) {
throw new WebApplicationException(Response.status(Response.Status.FORBIDDEN).entity(errorResponseFactory.getErrorResponse(U2fErrorResponseType.INVALID_REQUEST)).build());
}
throw new WebApplicationException(Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(errorResponseFactory.getJsonErrorResponse(U2fErrorResponseType.SERVER_ERROR)).build());
}
}
use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.
the class RegistrationService method getRegisterRequestMessage.
public RegisterRequestMessage getRegisterRequestMessage(String oxId) {
String requestDn = getDnForRegisterRequestMessage(oxId);
RegisterRequestMessageLdap registerRequestMessageLdap = ldapEntryManager.find(RegisterRequestMessageLdap.class, requestDn);
if (registerRequestMessageLdap == null) {
return null;
}
return registerRequestMessageLdap.getRegisterRequestMessage();
}
use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.
the class RegistrationService method storeRegisterRequestMessage.
public void storeRegisterRequestMessage(RegisterRequestMessage requestMessage, String userInum, String sessionState) {
Date now = new GregorianCalendar(TimeZone.getTimeZone("UTC")).getTime();
final String registerRequestMessageId = UUID.randomUUID().toString();
RequestMessageLdap registerRequestMessageLdap = new RegisterRequestMessageLdap(getDnForRegisterRequestMessage(registerRequestMessageId), registerRequestMessageId, now, sessionState, userInum, requestMessage);
ldapEntryManager.persist(registerRequestMessageLdap);
}
use of org.xdi.oxauth.model.fido.u2f.RegisterRequestMessageLdap in project oxAuth by GluuFederation.
the class RegistrationService method getRegisterRequestMessageByRequestId.
public RegisterRequestMessageLdap getRegisterRequestMessageByRequestId(String requestId) {
String baseDn = getDnForRegisterRequestMessage(null);
Filter requestIdFilter = Filter.createEqualityFilter("oxRequestId", requestId);
List<RegisterRequestMessageLdap> registerRequestMessagesLdap = ldapEntryManager.findEntries(baseDn, RegisterRequestMessageLdap.class, requestIdFilter);
if ((registerRequestMessagesLdap == null) || registerRequestMessagesLdap.isEmpty()) {
return null;
}
return registerRequestMessagesLdap.get(0);
}
Aggregations